<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
 <head>
  <meta http-equiv="content-type" content="text/html; charset=UTF-8">
  <title>验证签名</title>
 </head>
 <body class="docs"><div id="layout">
  <div id="layout-content"><div id="function.openssl-verify" class="refentry">
 <div class="refnamediv">
  <h1 class="refname">openssl_verify</h1>
  <p class="verinfo">(PHP 4 &gt;= 4.0.4, PHP 5, PHP 7)</p><p class="refpurpose"><span class="refname">openssl_verify</span> &mdash; <span class="dc-title">验证签名</span></p>

 </div>
 
 <div class="refsect1 description" id="refsect1-function.openssl-verify-description">
  <h3 class="title">说明</h3>
  <div class="methodsynopsis dc-description">
   <span class="methodname"><strong>openssl_verify</strong></span>
    ( <span class="methodparam"><span class="type">string</span> <code class="parameter">$data</code></span>
   , <span class="methodparam"><span class="type">string</span> <code class="parameter">$signature</code></span>
   , <span class="methodparam"><span class="type"><a href="language.pseudo-types.html#language.types.mixed" class="type mixed">mixed</a></span> <code class="parameter">$pub_key_id</code></span>
   [, <span class="methodparam"><span class="type"><a href="language.pseudo-types.html#language.types.mixed" class="type mixed">mixed</a></span> <code class="parameter">$signature_alg</code><span class="initializer"> = OPENSSL_ALGO_SHA1</span></span>
  ] ) : <span class="type">int</span></div>

  <p class="para rdfs-comment">
   <span class="function"><strong>openssl_verify()</strong></span> 使用与<code class="parameter">pub_key_id</code>关联的公钥验证指定数据<code class="parameter">data</code>的签名<code class="parameter">signature</code>是否正确。这必须是与用于签名的私钥相对应的公钥。
  </p>
 </div>


 <div class="refsect1 parameters" id="refsect1-function.openssl-verify-parameters">
  <h3 class="title">参数</h3>
  <p class="para">
   <dl>

    
     <dt>
<code class="parameter">data</code></dt>

     <dd>

      <p class="para">
       以前用来生成签名的数据字符串。
      </p>
     </dd>

    
    
     <dt>
<code class="parameter">signature</code></dt>

     <dd>

      <p class="para">
       原始二进制字符串，通过<span class="function"><a href="openssl_sign.html" class="function">openssl_sign()</a></span>或类似的函数生成。
      </p>
     </dd>

    
    
     <dt>
<code class="parameter">pub_key_id</code></dt>

     <dd>

      <p class="para">
       <span class="type"><a href="language.types.resource.html" class="type resource">resource</a></span> _ 一个密钥, 通过 <span class="function"><a href="openssl_get_publickey.html" class="function">openssl_get_publickey()</a></span> 函数返回。
      </p>
      <p class="para">
       <span class="type"><a href="language.types.string.html" class="type string">string</a></span> - 一个 PEM 格式的密钥, 比如, &quot;-----BEGIN PUBLIC KEY-----
MIIBCgK...&quot;
      </p>     
     </dd>

    
    
     <dt>
<code class="parameter">signature_alg</code></dt>

     <dd>

      <p class="para">
       <span class="type"><a href="language.types.integer.html" class="type int">int</a></span> _ 以下签名算法之一<a href="openssl.signature_algos.html" class="link">Signature Algorithms</a>.
      </p>
      <p class="para">
       <span class="type"><a href="language.types.string.html" class="type string">string</a></span> _ 由<span class="function"><a href="openssl_get_md_methods.html" class="function">openssl_get_md_methods()</a></span>函数返回的可用字符串，比如， &quot;sha1WithRSAEncryption&quot; 或者 &quot;sha512&quot;.
      </p>
     </dd>

    
   </dl>

  </p>
 </div>


 <div class="refsect1 returnvalues" id="refsect1-function.openssl-verify-returnvalues">
  <h3 class="title">返回值</h3>
  <p class="para">
   如果签名正确返回 1, 签名错误返回 0, 内部发生错误则返回-1.
  </p>
 </div>


 <div class="refsect1 changelog" id="refsect1-function.openssl-verify-changelog">
  <h3 class="title">更新日志</h3>
  <p class="para">
   <table class="doctable informaltable">
    
     <thead>
      <tr>
       <th>版本</th>
       <th>说明</th>
      </tr>

     </thead>

     <tbody class="tbody">
      <tr>
       <td>5.2.0</td>
       <td>
        添加了 <code class="parameter">signature_alg</code> 参数。
       </td>
      </tr>

     </tbody>
    
   </table>

  </p>
 </div>


 <div class="refsect1 examples" id="refsect1-function.openssl-verify-examples">
  <h3 class="title">范例</h3>
  <p class="para">
   <div class="example" id="example-954">
    <p><strong>Example #1 <span class="function"><strong>openssl_verify()</strong></span> 范例：</strong></p>
    <div class="example-contents">
<div class="phpcode"><pre><span style="color: #000000">
<span style="color: #0000BB">&lt;?php<br /></span><span style="color: #FF8000">//&nbsp;$data&nbsp;and&nbsp;$signature&nbsp;are&nbsp;assumed&nbsp;to&nbsp;contain&nbsp;the&nbsp;data&nbsp;and&nbsp;the&nbsp;signature<br /><br />//&nbsp;fetch&nbsp;public&nbsp;key&nbsp;from&nbsp;certificate&nbsp;and&nbsp;ready&nbsp;it<br /></span><span style="color: #0000BB">$pubkeyid&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">openssl_pkey_get_public</span><span style="color: #007700">(</span><span style="color: #DD0000">"file://src/openssl-0.9.6/demos/sign/cert.pem"</span><span style="color: #007700">);<br /><br /></span><span style="color: #FF8000">//&nbsp;state&nbsp;whether&nbsp;signature&nbsp;is&nbsp;okay&nbsp;or&nbsp;not<br /></span><span style="color: #0000BB">$ok&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">openssl_verify</span><span style="color: #007700">(</span><span style="color: #0000BB">$data</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$signature</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$pubkeyid</span><span style="color: #007700">);<br />if&nbsp;(</span><span style="color: #0000BB">$ok&nbsp;</span><span style="color: #007700">==&nbsp;</span><span style="color: #0000BB">1</span><span style="color: #007700">)&nbsp;{<br />&nbsp;&nbsp;&nbsp;&nbsp;echo&nbsp;</span><span style="color: #DD0000">"good"</span><span style="color: #007700">;<br />}&nbsp;elseif&nbsp;(</span><span style="color: #0000BB">$ok&nbsp;</span><span style="color: #007700">==&nbsp;</span><span style="color: #0000BB">0</span><span style="color: #007700">)&nbsp;{<br />&nbsp;&nbsp;&nbsp;&nbsp;echo&nbsp;</span><span style="color: #DD0000">"bad"</span><span style="color: #007700">;<br />}&nbsp;else&nbsp;{<br />&nbsp;&nbsp;&nbsp;&nbsp;echo&nbsp;</span><span style="color: #DD0000">"ugly,&nbsp;error&nbsp;checking&nbsp;signature"</span><span style="color: #007700">;<br />}<br /></span><span style="color: #FF8000">//&nbsp;free&nbsp;the&nbsp;key&nbsp;from&nbsp;memory<br /></span><span style="color: #0000BB">openssl_free_key</span><span style="color: #007700">(</span><span style="color: #0000BB">$pubkeyid</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">?&gt;</span>
</span>
</pre></div>
    </div>

   </div>
   <div class="example" id="example-955">
    <p><strong>Example #2 <span class="function"><strong>openssl_verify()</strong></span> 范例：</strong></p>
    <div class="example-contents">
<div class="phpcode"><pre><span style="color: #000000">
<span style="color: #0000BB">&lt;?php<br /></span><span style="color: #FF8000">//data&nbsp;you&nbsp;want&nbsp;to&nbsp;sign<br /></span><span style="color: #0000BB">$data&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #DD0000">'my&nbsp;data'</span><span style="color: #007700">;<br /><br /></span><span style="color: #FF8000">//create&nbsp;new&nbsp;private&nbsp;and&nbsp;public&nbsp;key<br /></span><span style="color: #0000BB">$private_key_res&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">openssl_pkey_new</span><span style="color: #007700">(array(<br />&nbsp;&nbsp;&nbsp;&nbsp;</span><span style="color: #DD0000">"private_key_bits"&nbsp;</span><span style="color: #007700">=&gt;&nbsp;</span><span style="color: #0000BB">2048</span><span style="color: #007700">,<br />&nbsp;&nbsp;&nbsp;&nbsp;</span><span style="color: #DD0000">"private_key_type"&nbsp;</span><span style="color: #007700">=&gt;&nbsp;</span><span style="color: #0000BB">OPENSSL_KEYTYPE_RSA</span><span style="color: #007700">,<br />));<br /></span><span style="color: #0000BB">$details&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">openssl_pkey_get_details</span><span style="color: #007700">(</span><span style="color: #0000BB">$private_key_res</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$public_key_res&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">openssl_pkey_get_public</span><span style="color: #007700">(</span><span style="color: #0000BB">$details</span><span style="color: #007700">[</span><span style="color: #DD0000">'key'</span><span style="color: #007700">]);<br /><br /></span><span style="color: #FF8000">//create&nbsp;signature<br /></span><span style="color: #0000BB">openssl_sign</span><span style="color: #007700">(</span><span style="color: #0000BB">$data</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$signature</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$private_key_res</span><span style="color: #007700">,&nbsp;</span><span style="color: #DD0000">"sha1WithRSAEncryption"</span><span style="color: #007700">);<br /><br /></span><span style="color: #FF8000">//verify&nbsp;signature<br /></span><span style="color: #0000BB">$ok&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">openssl_verify</span><span style="color: #007700">(</span><span style="color: #0000BB">$data</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$signature</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$public_key_res</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">OPENSSL_ALGO_SHA1</span><span style="color: #007700">);<br />if&nbsp;(</span><span style="color: #0000BB">$ok&nbsp;</span><span style="color: #007700">==&nbsp;</span><span style="color: #0000BB">1</span><span style="color: #007700">)&nbsp;{<br />&nbsp;&nbsp;&nbsp;&nbsp;echo&nbsp;</span><span style="color: #DD0000">"valid"</span><span style="color: #007700">;<br />}&nbsp;elseif&nbsp;(</span><span style="color: #0000BB">$ok&nbsp;</span><span style="color: #007700">==&nbsp;</span><span style="color: #0000BB">0</span><span style="color: #007700">)&nbsp;{<br />&nbsp;&nbsp;&nbsp;&nbsp;echo&nbsp;</span><span style="color: #DD0000">"invalid"</span><span style="color: #007700">;<br />}&nbsp;else&nbsp;{<br />&nbsp;&nbsp;&nbsp;&nbsp;echo&nbsp;</span><span style="color: #DD0000">"error:&nbsp;"</span><span style="color: #007700">.</span><span style="color: #0000BB">openssl_error_string</span><span style="color: #007700">();<br />}<br /></span><span style="color: #0000BB">?&gt;</span>
</span>
</pre></div>
    </div>

   </div>
  </p>
 </div>


 <div class="refsect1 seealso" id="refsect1-function.openssl-verify-seealso">
  <h3 class="title">参见</h3>
  <p class="para">
   <ul class="simplelist">
    <li class="member"><span class="function"><a href="openssl_sign.html" class="function" rel="rdfs-seeAlso">openssl_sign()</a> - Generate signature</span></li>
   </ul>
  </p>
 </div>


</div></div></div></body></html>